How to Stop an Intel Foreshadow Bug Exploit Attack

Several execution vulnerabilities has been detected to affect Intel Processors. The vulnerabilities which were detected so far have been reported to be an execution type of flaws and were quickly named Foreshadow.

The vulnerabiltities aim to gain control of the Intel™ Core and Intel™ Xeon type of processors. The name of the bugs assigned by Intel is Foreshadow, and these vulnerabilities are L1TF (Terminal Fault) flaws. The bugs have been tracked under the following security code names:

  • CVE-2018-3615
  • CVE-2018-3620
  • CVE-2018-3646

According to the official description, the vulnerabilities can allow the following attack to take place:

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a side-channel analysis.

The bugs can allow attacks that can extract information from the affected computers, like the cryptographic keys for the processor’s architecture, data from System Management Mode of the kernel and data from virtual machines running on the host system.

Even though the three Foreshadow vulnerabilities have not been detected in the wild in relation to any malware, researchers have managed to find a method via which they can conduct an attack that can function properly. So far, Intel have not released infromation on how this information can be used to conduct an attack and for good reason.

The only information disclosed is the affected device models which have been reported to be the following:

  • All SGX-enabled processors (Skylake and Kaby Lake)
  • Intel Core™ i3/i5/i7/M processor (45nm and 32nm)
  • 2nd/3rd/4th/5th/6th/7th/8th generation Intel Core processors
  • Intel Core X-series Processor Family for Intel X99 and X299 platforms
  • Intel Xeon processor 3400/3600/5500/5600/6500/7500 series
  • Intel Xeon Processor E3 v1/v2/v3/v4/v5/v6 Family
  • Intel® Xeon® Processor E5 v1/v2/v3/v4 Family
  • Intel® Xeon® Processor (Read more...)

*** This is a Security Bloggers Network syndicated blog from How to, Technology and PC Security Forum | authored by Vencislav Krustev. Read the original post at: